It is known to provide data processing systems with the intent that the data processing operations performed and data values processed by such systems are difficult to determine from examination of the system. A good example of such a secure system is a smart card.
Smart cards are commonly used to control access to subscription services, such as satellite television and mobile phones. Smart cards are designed to be specific to a user, account or device and contain data that should be kept secure. They are designed to be cheap to manufacture and be small and mobile, such that a user can take them with him.
With satellite television such smart cards have secure encryption keys stored within them to allow a properly authorised user to decode received satellite television signals, which cannot be viewed by anyone not having the encryption keys. It is highly desirable that the encryption keys and any other security data stored within the card are maintained confidential to prevent their unauthorised use.
With mobile phones, a smart card specific to a user, will allow access to a phone network and allow the correct user to be billed for that access. Such a smart card will generally be controlled by the network company, while the phone itself could be made by a different company. Clearly it is not desirable that the information specific to the user that is stored on the card should be available to anyone else as this would allow it to be mimicked.
To this end, considerable effort is expended in making it difficult to determine the data processing operations being performed and the data values being manipulated within a smart card whilst it is operating by observing the smart card.
Smart cards were developed to enable secure data to be manipulated only within a small secure environment. Furthermore, they were made to be easily transferable between devices so that purchase of services, or migration of user data, using such cards could be done effectively. They are also small and relatively cheap to produce and the owner of the smart card itself has control over the security of the data, whatever system the card is being used in. For example, if the smart card is a card for a mobile phone then the owner of the card is the network operator, and it is they that wish to control of the security of the data. A disadvantage of these cards is that processing power available on smart cards is limited so that certain functionalities may not be possible. Furthermore, the transfer of data between a smart card and its host processing apparatus is often via a low-speed serial interface and as such the speed of data transfer is very limited.